UPDATE: Shai-Hulud/Miasma supply-chain worm jumps to PyPI as "Hades" — 37 malicious wheels across 19 packages

From CTI Daily Brief — 2026-06-10 · published 2026-06-10

UPDATE (originally covered 2026-06-06): The Miasma/Mini-Shai-Hulud supply-chain lineage previously tracked across npm and GitHub has opened a PyPI front dubbed "Hades": Socket and others identified 37 malicious wheel artifacts across 19 packages abusing Python's .pth site-module startup mechanism to auto-execute on interpreter start without an import (The Hacker News, 2026-06-09). The payload downloads the Bun runtime from GitHub and runs triple-encrypted JavaScript that sweeps GitHub/CI tokens, npm/PyPI/cloud (AWS/GCP/Azure) keys, Kubernetes and Vault configs, SSH keys and AI-tool configs, and plants backdoor config in AI coding-assistant workspaces so future agent sessions execute attacker instructions (Socket, 2026-06-07).
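The .pth mechanism the brief refers to is what makes this variant run without an import: at startup, site.py reads every *.pth file in each site-packages directory and hands any line beginning with `import ` (or `import` plus a tab) to exec(), while every other non-blank, non-comment line is appended to sys.path. The audit below is an added example written for this brief, not code from Socket or any affected project; the two sample .pth contents are constructed (the "loader" line only decodes to `pass`), and the indicator tokens are the strings from the brief plus generic code-loading calls that have no place in a startup line.

```python
"""Audit .pth files in site-packages for lines that execute at interpreter start.

site.py passes any .pth line that starts with 'import ' or 'import\t' to exec();
other non-blank, non-comment lines are treated as sys.path entries. A dropped
'<name>-setup.pth' therefore runs before the user imports anything.
"""
import site
from pathlib import Path

# Indicators from the brief (Bun download host, sentinel file) plus generic
# code-loading primitives that never belong in a startup line.
SUSPICIOUS_TOKENS = (
    "oven-sh/bun", ".bun_ran", "exec(", "compile(", "base64", "subprocess",
    "os.system", "urllib", "__import__",
)

# Constructed sample contents, not real artifacts: a normal .pth as written by
# an editable install / virtualenv, and a startup line shaped like a loader.
BENIGN_PTH = "/opt/project/src\n# editable install\nimport _virtualenv\n"
LOADER_PTH = "import base64,subprocess;exec(base64.b64decode(b'cGFzcw=='))\n"  # b64 of 'pass'


def executable_lines(text: str) -> list[str]:
    """Return exactly the lines site.py would hand to exec() for this content."""
    lines = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("#"):
            continue
        if line.startswith(("import ", "import\t")):
            lines.append(line)
    return lines


def suspicious_lines(text: str) -> list[tuple[str, list[str]]]:
    """Pair each executable line with the indicator tokens found in it."""
    hits = []
    for line in executable_lines(text):
        found = [tok for tok in SUSPICIOUS_TOKENS if tok in line]
        if found:
            hits.append((line, found))
    return hits


def is_setup_pth_name(name: str) -> bool:
    """Match the '*-setup.pth' file name the brief tells hunters to look for."""
    return name.endswith("-setup.pth")


def audit_site_packages(dirs=None) -> list[dict]:
    """Scan every .pth in the given directories (default: this interpreter's site-packages).

    A finding records the file, whether its name matches '*-setup.pth', every
    exec()'d line, and the subset of those lines carrying suspicious tokens.
    """
    if dirs is None:
        dirs = list(getattr(site, "getsitepackages", lambda: [])())
        dirs.append(site.getusersitepackages())
    findings = []
    for d in dirs:
        for pth in sorted(Path(d).glob("*.pth")):
            try:
                text = pth.read_text(encoding="utf-8", errors="replace")
            except OSError:
                continue
            execs = executable_lines(text)
            if not execs and not is_setup_pth_name(pth.name):
                continue  # plain path entries only: nothing runs at startup
            findings.append({
                "file": str(pth),
                "setup_name": is_setup_pth_name(pth.name),
                "exec_lines": execs,
                "suspicious": suspicious_lines(text),
            })
    return findings


if __name__ == "__main__":
    for f in audit_site_packages():
        flag = "!!" if f["suspicious"] or f["setup_name"] else "  "
        print(flag, f["file"])
        for line in f["exec_lines"]:
            print("     exec:", line)
```

Run it with the interpreter used on the endpoint (including each virtualenv), since every interpreter has its own site-packages. Legitimate tooling does ship exec()'d .pth lines (virtualenv's `_virtualenv.pth`, setuptools' `distutils-precedence.pth`), so the output is a review list; the `suspicious` field is what separates a known-good one-liner from a loader.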

Affected packages spanned developer tooling and a bioinformatics cluster (relevant to university/research compute); all have since been removed. Hunt for creation of *-setup.pth files under site-packages, for Bun binary downloads from github.com/oven-sh/bun, and for the $TMPDIR/.bun_ran sentinel, pivoting on Sysmon EID 1 events whose parent is python/pip (T1547.013, T1059.007, T1555). Pin dependencies and install with --ignore-scripts; audit recently installed PyPI packages on research endpoints.
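The process-telemetry side of that hunt, as an added example that is not part of the brief: it assumes Sysmon EID 1 events exported as one JSON object per line using Sysmon's own field names (EventID, Image, ParentImage, CommandLine) and fires when python/pip is the parent of a Bun binary or of a downloader, or when the command line carries one of the brief's string indicators. The five sample events are constructed; the release URL path is a placeholder.

```python
"""Hunt Sysmon process-creation (EID 1) events for the Hades execution chain."""
import json
import re

# Parent process is a python or pip executable, any platform or version suffix.
PARENT_RE = re.compile(r"(?:^|[\\/])(?:python[0-9.]*|pip[0-9.]*)(?:\.exe)?$", re.IGNORECASE)
DOWNLOADERS = {"curl", "curl.exe", "wget", "wget.exe", "powershell.exe", "pwsh.exe"}
# String indicators taken from the brief.
INDICATORS = ("github.com/oven-sh/bun", ".bun_ran", "-setup.pth")

# Constructed sample events, not real telemetry; paths and the release URL
# are placeholders shaped like the chain the brief describes.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Python312\python.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "python -m pip install requests"},
    {"EventID": 1, "Image": r"C:\Users\dev\AppData\Local\Temp\bun.exe",
     "ParentImage": r"C:\Python312\python.exe",
     "CommandLine": "bun.exe run stage2.js"},
    {"EventID": 1, "Image": r"C:\Windows\System32\curl.exe",
     "ParentImage": r"C:\Python312\Scripts\pip.exe",
     "CommandLine": "curl -L https://github.com/oven-sh/bun/releases/download/PLACEHOLDER/bun.zip -o bun.zip"},
    {"EventID": 1, "Image": r"C:\Python312\Scripts\pip.exe",
     "ParentImage": r"C:\Python312\python.exe",
     "CommandLine": "pip install numpy"},  # benign: pip launched by python
    {"EventID": 1, "Image": "/bin/sh",
     "ParentImage": "/usr/bin/python3.12",
     "CommandLine": "sh -c 'touch $TMPDIR/.bun_ran'"},
]
SAMPLE_JSONL = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS)


def basename(path: str) -> str:
    """Last path component, lower-cased, for either separator style."""
    return re.split(r"[\\/]", path)[-1].lower()


def classify(event: dict) -> list[str]:
    """Return the reasons this event matches; an empty list means no hit."""
    reasons = []
    if event.get("EventID") != 1:
        return reasons  # network (EID 3) or file (EID 11) events need their own rules
    child = basename(event.get("Image", ""))
    cmd = event.get("CommandLine", "")
    if PARENT_RE.search(event.get("ParentImage", "")):
        if child.startswith("bun"):
            reasons.append("bun spawned by python/pip")
        elif child in DOWNLOADERS:
            reasons.append(f"downloader {child} spawned by python/pip")
    for ind in INDICATORS:
        if ind.lower() in cmd.lower():
            reasons.append(f"indicator {ind}")
    return reasons


def hunt(events):
    """Return (event, reasons) pairs for every matching event, in input order."""
    hits = []
    for e in events:
        reasons = classify(e)
        if reasons:
            hits.append((e, reasons))
    return hits


def hunt_jsonl(text: str):
    """Parse one JSON event per line (blank lines skipped) and hunt over them."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return hunt(events)


if __name__ == "__main__":
    for e, reasons in hunt_jsonl(SAMPLE_JSONL):
        print(e["ParentImage"], "->", e["Image"], "|", "; ".join(reasons))
```

The parent check is deliberately narrow (python or pip as the direct parent), which is why the python-spawns-pip event stays quiet; on CI runners where pip is wrapped by a build tool, widen it to the wrapper before relying on the rule for coverage.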